Security News > 2021

As our digital lives continue to grow, and online scammers learn new tricks, it is important to know how to identify an Instagram scam, and what to do if you are targeted. Here are the eight most common scams to watch out for, according to Instagram.

Microsoft has shared a workaround for customers experiencing 0xc004c003 activation failures on Windows 10, version 2004 and 20H2 devices after installing the January 2021 monthly "C" release KB4598291 preview update. "This issue might occur when you try to activate the operating system with an OEM Activation 3.0 Digital Product Key," Microsoft explains.

Netop, the company behind a popular software tool designed to let teachers remotely access student computers, has fixed four security bugs in its platform. "In Netop Vision Pro 9.7.2, released in late February, Netop has fixed the local privilege escalations, encrypted formerly plaintext Windows credentials, and mitigated the arbitrary read/writes on the remote filesystem within the MChat client," according to a Sunday report by the McAfee Labs Advanced Threat Research team, which discovered the flaws.

"What's hot right now in security?" is one of the most common questions I hear from CISOs, vendors and VCs alike. The reality is that every practitioner, market, company and team is different in what they prioritize as part of their security program.

A lawyer for a Cypriot hacker who has served almost four years behind bars said he will not appeal against a one-year jail sentence in the US for cyber-crimes he committed as a minor. A Georgia court handed down the jail term on Thursday in the trial of Joshua Pelloso Epifaniou, now 22, who was arrested in Cyprus in May 2017 and last year became the first Cypriot national ever extradited to the United States.

Mozilla has announced that it will introduce a more privacy-focused default Referrer Policy to protect Firefox users' privacy, starting with the web browser's next version. Once updated, the web browser will automatically trim user-sensitive information like path and query string information accessible from the Referrer URL. This URL is sent together with the HTTP Referrer header between websites during subresources requests and navigating between sites by clicking on links.

Adobe has released out-of-band security updates to address a critical vulnerability impacting ColdFusion versions 2021, 2016, and 2018. Today's emergency updates patch an arbitrary code execution security flaw caused by an Improper Input Validation software vulnerability.

In an unscheduled security update, Adobe is warning of a critical security flaw in its ColdFusion platform, used for building web applications. Further information on the flaw - including where in ColdFusion it exists, and how difficult it is to exploit, were not addressed; Threatpost has reached out to Adobe for further comment.

The soon-to-be-retired service had roughly 300 customers at the time, with up to 25 of them suffering significant data compromise following the incident. In a data breach notification last week, Shell confirmed that it too was affected by the security incident.

Adobe has released an urgent patch for a potentially dangerous security vulnerability in Adobe ColdFusion, the platform used for building and deploying mobile and web apps. "These updates resolve a critical vulnerability that could lead to arbitrary code execution," Adobe said in an advisory.